I am trying to access a smart card in a Linux system in a virtual machine. The USB device is mapped to the virtual machine and can be transferred via lsusb (ID 076b: 3021 OmniKey AG CardMan 3121). I can access the smart card through pkcs11-tool and pkcs15-tool. Firefox can also access the token through the / usr / lib / opensc -pkcs11.so library.
But when I try to access the smart card with Java, an empty keystore is returned. I am using the following configuration for the provider sun.security.pkcs11.SunPKCS11.
name = PKCS11Test library = /usr/lib/opensc-pkcs11.so slot = 0
When using another slot (I tried slot 0-15), I get CKR_PIN_INCORRECT or "PKCS11 not found" errors. In my tests, I load keystore as follows:
char[] pin = "123456".toCharArray(); KeyStore ks = KeyStore.getInstance("PKCS11", p); ks.load(null, pin);
On the other hand, the pkcs11 tool is back for slot 0:
Slot 0 CCID Compatible
token model: PKCS#15 emulated
Since Java seems to be accessing the map in slot 0 (at least no error is returned), I'm probably doing something else wrong in accessing the keystore. How to access the private key?
source share